<?php
	@session_start();
	include("../inc/common_variables.php");
	include("../../connect/connect_mysql.php");
	
	$user="$_SESSION[$ssUserID]";

	$act = $_POST['act'];
	//Chang password
	if($act == "password"){
		$old_pass = $_POST['old_password'];
		$pass = $_POST['password'];
		$query = "SELECT * FROM `member` WHERE `username` = '$user' and `password` = '$old_pass'";
		mysql_query ("SET NAMES 'utf8'");
		$result = mysql_query($query);
		$num_rows = mysql_num_rows($result);
		if ($num_rows == 0){
			echo 0;
		}else{
			$query = "UPDATE `member` SET `password`='$pass' WHERE `username`='$user';";
			mysql_query ("SET NAMES 'utf8'");
			mysql_query($query);
			echo 1;
		}
		
	}
	
	// Change email
	if($act == "email"){
		$old_email = $_POST['old_email'];
		$email = $_POST['email'];
		$query = "SELECT * FROM `member` WHERE `username` = '$user' and `mail` = '$old_email'";
		mysql_query ("SET NAMES 'utf8'");
		$result = mysql_query($query);
		$num_rows = mysql_num_rows($result);
		if ($num_rows == 0){
			echo 0;
		}else{
			$query = "UPDATE `member` SET `mail`='$email' WHERE `username`='$user';";
			mysql_query ("SET NAMES 'utf8'");
			mysql_query($query);
			echo 1;
		}
	}
	if($act == "info"){
		$query = "SELECT * FROM `member` WHERE `username` = 'admin'";
		mysql_query ("SET NAMES 'utf8'");
		$result = mysql_query($query);
		$row = mysql_fetch_array($result);
        $username = $row['username'];
        $password = $row['password'];
		$email = $row['mail'];
		$str="";
		$str .= "{\n";
		$str .= "  username: \"$username\",\n";
		$str .= "  password: \"$password\",\n";
		$str .= "  email: \"$email\",\n";
	    $str .= "}\n";
		echo $str;
	}
?>